Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Normally, setting persons to active/inactive is managed in the AD or HR system and handled in Identity Manager via the automatic import. Optionally, they can be available as manual processes. 

Standard workflow


ActorActionOptionPhysical IDDigital IDPhysical access
1Registration officer or HelpdeskIn Identity Manager: Browses for the person and clicks Deactivate.

-

(tick) 

(tick) 

(tick) 

2Identity ManagerSets person to Inactive, removes all roles.-

(tick) 

(tick) 

(tick) 

3Identity Manager

Optionally, locks any connected cards.

-

(tick) 

(tick) 

(tick) 

4Identity ManagerExports the card data to the PACS system. 


(tick) 

5Identity Manager

Locks any software tokens.

-


(tick) 

(tick) 

6CA

Revokes any certificates.

-


(tick) 

(tick) 


Technical references

OptionProcess

Deactivate employee

BaseProcDeactivateEmployee (see image)

Deactivate contractor

BaseProcDeactivateContractor

Deactivate visitor

BaseProcDeactivateVisitor

Deactivate employee and physical IDs

CCProcDeactivateEmployee

Deactivate contractor and physical IDs

CCProcDeactivateContractor

Deactivate visitor and physical IDs

CCProcDeactivateVisitor

Deactivate employee and digital IDs

PcmProcDeactivateEmployee

Deactivate contractor and digital IDs

PcmProcDeactivateContractor

Deactivate visitor and digital IDs

PcmProcDeactivateVisitor


  • No labels